Re: [exim] Slowing Blacklisted Authenticated Users

Top Page
Delete this message
Reply to this message
Author: Jeremy Harris
Date:  
To: exim-users
Subject: Re: [exim] Slowing Blacklisted Authenticated Users
On 11/23/2012 05:39 PM, Matt wrote:
> I have this to block users that authenticate and are on a blacklist.
>
> deny
> dnslists = some.black.list.or.another
>          authenticated = *
>          verify=recipient
>          message = blocked authenticated sender

>
> Rather then block these I would like to rate limit black listed
> authenticated senders to 5 messages an hour or so in case its a false
> positve.
>
> I see this:
>
> # Keep authenticated users under control
> warn ratelimit = 100 / 1h / strict / $authenticated_id
>           delay     = ${eval: ${sg{$sender_rate}{[.].*}{}} -
> $sender_rate_limit }s

>
> But how do I make this only trigger on blacklisted authenticated users?
>


Put it in the deny rather than it's own warn. You might want to drop the
delay as being pointless if you're denying. I'd also suggest you do the
authenticated check before the dnslists check; it's almost certainly cheaper.

And I'm with Lena on the recipient verify; you need to think very carefully
about what you're trying to achieve. Read around the docs (http://exim.org)
to get a fuller understanding.
--
Jeremy